Cyber attacks on companies' information systems and data have reached unprecedented proportions, and are growing with each passing year.

The biggest threat to an organization is if there's been a breach of personally identifiable data or credit card information that it stores. That results in a number of costs, including notification costs, providing those whose data was compromised with credit monitoring, potential fines, legal costs if sued - and even reputational costs. If data is stolen, there are also restoration costs.

The threat is largest for smaller organizations. Because larger companies can afford to hire teams of technicians to thwart attacks, cyber criminals are increasingly targeting small and mid-sized organizations as they may not have the same resources to defend their data. The "2019 Internet Security Threat Report" by Symantec found that:

48% of cyber attacks target small business.

Just 14% of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective.

60% of small companies go out of business within six months of a cyber attack.

Ransomware

According to the Symantec report, in 2018, enterprises accounted for 81% of all ransomware infections. While overall ransomware infections were down, enterprise infections were up by 12% from the 2017 level.

With ransomware, hackers gain access to your IT system, lock it down and demand a ransom to release it. The ransom usually has to be paid in bitcoin or other cryptocurrency so that the criminals can avoid detection.

Phishing and malware

One of the most common ways for criminals to compromise an organization's data is through phishing, a process through which employees are sent e-mails with links, which if they are clicked, gives the hackers entry into the company's computer systems. Malware is usually the code that is inserted into the computer system to either slow systems down or to access the information.

What you can do

Install anti-malware software - This can weed out the latest malware before it does damage.

Lock down your devices - If your staff uses company-owned devices, or you allow them to use their own, require that the devices are locked with a password, fingerprint or other method.

Think twice before downloading -Remind staff to be cautious about downloading new software or browser plug-ins.

Click carefully - Teach your staff to look for telltale signs of phishing e-mails that prompt them to click on malicious links.

The ultimate protection

Cyber-liability insurance covers losses that result from data breaches and other cyber events.

While cyber-liability policies vary among insurers, there are some common threads:

Loss or damage to data - Many policies cover the costs to restore or recover lost, stolen or corrupted data, and may also cover the cost of outside experts or consultants you hire to preserve or reconstruct your data.

Loss of income or extra expenses - Many policies cover income you lose and extra expenses you incur to avoid or minimize a shutdown of your business after your computer system fails due a covered peril. The perils covered may be the same as those covered under damage to electronic data.

Cyber-extortion losses - Cyber-extortion coverage applies when a hacker or a cyber thief breaks into your computer system and demands a ransom to unlock it, or to not damage the data. Extortion coverage typically applies to expenses you incur (with the insurer's consent) to respond to an extortion demand, as well as the money you pay the extortionist.

Notification costs - Policies may cover the cost of notifying parties affected by the data breach by government statutes or regulations. They may also include the cost of hiring an attorney to assess your firm's obligations under applicable laws and regulations.

Network security liability - This covers lawsuits that individuals or companies file against your organization alleging negligence on your part for failing to adequately protect data belonging to customers, clients, employees or other parties.

Give us a call if you would like to discuss your Cyber-Liability Insurance options.

No Comments

Post a Comment

Name

Required

E-Mail

Required (Not Displayed)

Comment

Required

All comments are moderated and stripped of HTML.

Submission Validation

Required

Enter the Validation Code from above.

NOTICE: This blog and website are made available by the publisher for educational and informational purposes only.
It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional
in your state. By using this blog site you understand that there is no broker client relationship between
you and the blog and website publisher.